https://github.com/edythecow/docker-whmcs
Dockrized WHMCS running under Traefik proxy! Fully functional and ready for production use.
https://github.com/edythecow/docker-whmcs
docker docker-compose traefik whmcs
Last synced: 7 months ago
JSON representation
Dockrized WHMCS running under Traefik proxy! Fully functional and ready for production use.
- Host: GitHub
- URL: https://github.com/edythecow/docker-whmcs
- Owner: EdyTheCow
- Created: 2021-07-21T13:06:53.000Z (about 4 years ago)
- Default Branch: master
- Last Pushed: 2024-07-31T19:10:23.000Z (about 1 year ago)
- Last Synced: 2024-07-31T23:18:35.876Z (about 1 year ago)
- Topics: docker, docker-compose, traefik, whmcs
- Language: Dockerfile
- Homepage:
- Size: 96.7 KB
- Stars: 29
- Watchers: 6
- Forks: 10
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# 📚 About
The point of this project is a production ready solution for running WHMCS in docker under Traefik reverse proxy. There's already a couple other projects attempting something similar. However, they are either meant for development only, are outdated and/or not optimized to be ran under Traefik. This project complies with all of the official WHMCS security and packages recommendations that are found at ["Further Security Steps"](https://docs.whmcs.com/Further_Security_Steps) and ["System Environment Guide"](https://docs.whmcs.com/System_Environment_Guide).
# 🧰 Getting Started
This project uses Nginx instead of Apache web server, WHMCS was development with Apache in mind so few extra steps are required to achieve production ready setup. Majority of modifications have been already implemented, rest of manual modifications are covered in the guide below.
## Requirements
- Domain
- Valid WHMCS license
# 🏗️ Installation
Clone repository
```
git clone https://github.com/EdyTheCow/docker-whmcs.git
```
Set correct acme.json permissions
Navigate to `_base/data/traefik/` and run
```
sudo chmod 600 acme.json
```
Create docker network
```
docker network create docker-whmcs-network
```
Generate .htpasswd user and password
Navigate to `_base/data/traefik/.htpasswd` and place your htpasswd user/password in there.
If you do not know how to generate such credentials, take a look at detailed guide showcasing multiple different ways https://www.digitalocean.com/community/tutorials/how-to-set-up-password-authentication-with-nginx-on-ubuntu-14-04 (you only need to generated .htpasswd credentials, the rest of guide can be ignored)
Once done, whenever you navigate to your whmcs admin area, you'll have to login with generated user and password and then login with your WHMCS admin user. This basic auth is very effective against bots and endless spam in emails of failed logins. This only applies for admin page of WHMCS, regular users won't be affected.
Start docker compose
Inside of `_base/compose` run
```
docker-compose up -d
```
Configure Nginx default.conf
Navigate to `whmcs/data/nginx/sites/default.conf` and change these variable:
| Variable | Example | Description |
|-------------------|-------------------------|---------------------------------------------------------------------------------------------------|
| YOUR_DOMAIN | portal.domain.com | Domain for WHMCS installtation |
| YOUR_TRAEFIK_IP | 172.17.0.0/16 | It's normally 172.17.x.x or 172.18.x.x you can find it by running docker inspect on the traefik container |
| IP_OF_YOUR_SERVER | Public IP of the server | This is used to verify the WHMCS license |
Place contents of WHMCS files
Navigate to `whmcs/data/whmcs` and place the contents of WHMCS in there
Set .env variables for WHMCS
Navigate to `whmcs/compose/.env` and set these variables:
| Variable | Example | Description |
|---------------------|---------------------|--------------------------------------------------|
| DOMAIN | portal.domain.com | Domain for WHMCS installtation |
| MYSQL_PASSWORD | MySQL user password | Generate a password for your mysql user |
| MYSQL_ROOT_PASSWORD | MySQL root password | Do not use the same password, generate a new one |
Start docker compose
Inside of `whmcs/compose` run
```
docker compose up -d
```
Now you can navigate to `your-domain.com/install` and follow the installation insturctions. Use `mysql` for MySQL host. User, database and password are found in `whmcs/compose/.env` where you configured them earlier.
After installation delete the install folder in `whmcs/data/whmcs/install` and follow the instruction below for additional configuration for security hardening.
# 🔒 Security Hardening
### Changing Configuration Permissions
Official source: [docs.whmcs.com](https://docs.whmcs.com/Further_Security_Steps#Secure_the_configuration.php_File)
Navigate to `whmcs/data/whmcs` and run
```
sudo chmod 400 configuration.php
```
### Setting correct URL
Official source: [docs.whmcs.com](https://docs.whmcs.com/Further_Security_Steps#Enable_SSL)
Sometimes the URL in admin panel might be using http instead of https which may cause a warning for invalid SSL certificate.
In the WHMCS panel navigate to `System Setting > General Settings` and make sure `Domain` and `WHMCS System URL` are using https.
## Moving Files Above Web Root
Moving files above web root is a recommended practice by official WHMCS documentation. This is fairly easy to do using docker volumes.
The volume `whmcs_storage` is used for this exact purpose, directories have been already created so all you need to do is change them in the admin panel.
### File Storage
Official source: [docs.whmcs.com](https://docs.whmcs.com/Further_Security_Steps#File_Storage)
Navigate to `System Setting > Storage Settings` under `Configurations` add listed local storage:
| Path |
|---------------------------------------------|
| /var/www/whmcs_storage/downloads |
| /var/www/whmcs_storage/attachments |
| /var/www/whmcs_storage/attachments/projects |
Navigate to `Settings` tab and replace tbe old paths with the newly added ones.
### Templates Cache
Official source: [docs.whmcs.com](https://docs.whmcs.com/Further_Security_Steps#Templates_Cache)
Navigate to `whmcs/data/whmcs/configuration.php` and add change path for `$templates_compiledir` to `/var/www/whmcs_storage/templates_c`
### Crons Directory
Official source: [docs.whmcs.com](https://docs.whmcs.com/Further_Security_Steps#Move_the_Crons_Directory)
Navigate to `whmcs/data/whmcs` and move `crons` directory to `whmcs/data/whmcs_storage`.
Navigate to `crons` and edit `config.php.new`, inside the config uncomment the `whmcspath` option and set the new path to `/var/www/html/`.
Rename the `config.php.new` to `config.php`. Navigate to `whmcs/data/whmcs/configuration.php` and add this line at the bottom of the configuration `$crons_dir = '/var/www/whmcs_storage/crons/';`
### eMail Import Cron (optional)
Official source: [docs.whmcs.com](https://docs.whmcs.com/Email_Importing)
Navigate to `whmcs/compose` and edit `docker-compose.yml`, inside the file uncomment the two commands under the ofelia-labels.
Rebuild stack with `docker compose down && docker compose up -d`.
## Setting update folder
Official source: [help.whmcs.com](https://help.whmcs.com/m/updating/l/678178-configuring-the-temporary-path)
Setting update folder will allow you to automatically update WHMCS in the future. Similar to file storage the update folder will be located above the web root inside `whmcs_storage` directory.
Navigate to `Utilities > Update WHMCS` and set the directory to `/var/www/whmcs_storage/whmcs_updater_tmp_dir`
# 🐛 Known issues
# 📜 Credits
- Logo created by Wob - [Dribbble.com/wob](https://dribbble.com/wob)
- Inspired by other similar projects [fauzie/docker-whmcs](https://github.com/fauzie/docker-whmcs), [cloudlinux/kd-whmcs](https://github.com/cloudlinux/kd-whmcs) and [darthsoup/docker-whmcs](https://github.com/darthsoup/docker-whmcs)